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I  AT AC  Background 


•  Providing  the  DoD  a  central  point 
of  access  for  Information 
Assurance  (IA)  since  1996 

•  Identified  by  DAIG  as  an  IA 
Center  of  Excellence 

•  IA  holdings  available  for 
searching  and  downloading 

•  Lessons  learned 


•  Processed  significant  number  of 
Delivery  Orders  -  many  for 
PEO/PMs 

•  Present  to  NDU  and  DAU  regularly 

•  Can  do  work  up  to  the  TS/SCI 
level 


Information  for  the  Defense  Community 


Providing  Information 


•  PEO/PMs  need  readily  available  targeted 
information,  and  they  need  it  at  minimal/no 
cost 

•  We  can  provide  you  information  through  a 
variety  of  resources: 

-  Web  (http://iac.dtic.mil/iatac) 

-  lAnewsletter 

-  State-of-the-Art  Reports  (SOARs) 

-  Critical  Review  Technology  Assessments 
(CR/TAs) 

-  Tools  Reports 

-  Total  Electronic  Migration  System  (TEMS) 

-  Subject  Matter  Experts  (SMEs) 

-  Technical  Inquiries 

-  IA  Digest 

-  IA/IO  Events  Scheduler 
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Our  latest  SOAR  is 
Software  Security 
Assurance 


Insider  Threat  to 
Information  Systems  at 
NSAfor  publishing  10 


Oct  08 


-  Research  Update 
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Total  Electronic  Migration 
System  (TEMS) 

•  Google  like  features  accessible  on  any 
Web  browser  on  any  operating  system 

•  Search,  retrieve,  and  use  STI  from  all  10 
functional  IAC  domains 

•  Search  individual  lACs  as  “libraries” 


•  Utilize  Boolean  searches  to  locate 
information 

•  Perform  pattern  search  for  a  general 
subject  area 

•  Perform  a  concept  search  on  a  single  term 

•  Search  full  metadata  and  document  text 


248K+  documents  available  In  TEMS 

1M+  Metadata  records 

STI  from  government,  industry  and 
academia 

Register  at  h ttps://tems-ia c. dtic. mil 


•  Save  queries 

•  View,  edit,  and  export  bibliographies  in 
various  formats 
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IA  Acquisition  Strategy 


•  All  PEO/PMs  must  follow  a  required  set  of 
IA  acquisition  instructions 

-  Clinger-Cohen  Act 

-  DoDI  8580.1 

-  DoDD  8500  series 

•  IATAC  has  SMEs  with  knowledge  of  IA 
acquisition  requirements  &  access  to 
resources  to  enhance  your  program 

•  IATAC  provided  research  &  development, 
recommendations,  and  SMEs  for  the 
development  of  Federal  &  DoD  IA 
directives,  instructions  &  guides 

-  DoDD  8500.1  IA 

-  DoDD  8500.2  IA  Implementation 
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PEO/PMs  are  responsible  for  a  program 
IA  Strategy: 

•  IA  within  their  program 

•  Funding  resources  for  IA 

•  Dutiful  implementation  of  IA 

•  https://extranet.tias.osd.mil/programs 


-  DoDI  8510.01  DIACAP  Policy 


-  Over  46  NIST  Special  Publications  (800 
series) 
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Certification  & 
Accreditation 

•  Tool  kit  of  resources  to  help  the  PEO/PMs  achieve 
successful  certification  and  accreditation 

•  Targeted  recommendations  to  the  development  and 
writing  of  DIACAP  policy  for  the  ASD(NII)/DoD  CIO 

-  IATAC  developed  critical  DIACAP  concepts  including  impact 
codes  and  severity  categories,  type  accreditations, 
inheritance,  and  IA  control  validation  procedures 


Developed  the  web-based  tool,  the  DIACAP  Knowledge 
Service 

-  Knowledge  Service  contains  an  online  repository  of 
authorized  IA  control  sets  for  the  GIG  and  a  library  of  tools  to 
assist  in  the  execution  of  DIACAP 

Developed  automated  C&A  management  tool,  Enterprise 
Mission  Assurance  Support  Service  (eMASS) 

-  A  joint  research  initiative  of  OSD(NII),  OSD(AT&L),  and  DLA, 
eMASS  reengineers  and  automates  a  broad  range  of  IA 
functions  to  deliver  a  comprehensive,  fully  integrated  IA 
management  capability  at  the  enterprise  level 
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Training 


•  Provide  PEO/PMs  specialized  training 
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•  Developed  the  Training  Database  for  the 
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essential  training  required. 
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-  This  effort  has  been  a  precursor  to  the 

DoDD  8570,  which  specifies  training  and 

certification  requirements  for  every  IA 

professional  and  positioned  the  JTF  in  front 

Over  the  past  12  months, 

of  the  requirement,  saving  it  time  and 

IATAC  has  held  specialized 

resources. 

training  classes,  and  has 

•  Provided  the  lA/NetOps  curriculum  to  DoD 

trained  many  individuals 

students  since  2004. 
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Cutting  Edge  R&D 


•  Developed  the  Automated  Security 
Self-Evaluation  Tool  (ASSET) 

-  Identified  by  OMB  as  1  of  top  3  IT 
security  accomplishments  to  automate 
NIST’s  Security  Self-Assessment 
Guide  for  IT 
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•  Developed  a  proof  of  concept 
demonstration  to  showcase  the 
Computer  Network  Defense  (CND) 
data  standards  functionality  in  a  net- 
centric  environment 


Providing  IA  research  and  analysis 
for  tactical  switching  network  Joint 
Concept  Technology  Demonstration 
(JCTD)  for  SPAWAR  and  PEO  C4I 
&  Space 


Standards  being  adopted  across  DoD 
and  Federal  Government 


•  Provided  commercial-off-the-shelf 
(COTS)  supportability  strategy  for 
MILSATCOM  terminal  program  offices 


IATAC  does  your  work  everyday 


-  Identified  IA  requirements  for  current 
and  future  COTS  routers 
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Technical  Inquiries 


0-4  • 

hours  # 

5-25 

hours 

24-40 

hours 


40-80 

hours 


PEO/PMs  have  specific  tough  IA  questions 
that  need  to  be  addressed 

IATAC  can  answer  your  toughest  time 
sensitive  IA  questions 

-  All  you  need  to  do  is  be  a  DTIC  registered  user  [ _ J 

Basic  Inquiry  (free)  -  Answer  IA  questions 

Extended  Inquiry  -  Search  information 
sources,  conduct  analysis,  determine 
analytical  techniques  to  meet  inquiries 

Search  and  Summary  -  Identify  literature 
specific  to  the  inquiry  and  provide  copies  of 
the  most  pertinent  documents 

Review  and  Analysis  -  Provide  in-depth 
analysis  and  synthesis  of  relevant  literature 
and  laboratory  research  on  a  particular 
subject 


“The  US  Dept  of  Energy,  Office  of  Intelligence 
and  Counterintelligence  is  deeply  indebted  and 
very  appreciative  to  IATAC.” 

Mr.  Rich  Kaplan,  Department  of  Energy 

In  response  to  lATACs  answer  to  a  question 
regarding  the  mandated  conversion  of  IPV4  to  IPV6 


‘Thanks  very  much,  this  package  looks  great.  I 
appreciate  the  hard  work!” 

Ms.  Patti  Benner,  Office  of  the  Deputy  CIO,  ASCYNII 

In  response  to  lATACs  answer  to  a  request  to 
identify  the  top  think  tanks  in  the  cyber  community 
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IATAC  SME  Program 


Comprised  of  diverse  group  of  IA  and  R&D 
professionals 

Members  are  part  of  the  Government  (to  include 
DoD),  Industry,  and  Academic  communities 

Utilized  as  resources  for  technical  inquiries  and  STI 

SME’s  have  expertise  in  the  following  areas  of 
Information  Assurance: 

-  DoD  IA  Strategy 

-  DIACAP/eMASS 

-  System  Security  Engineering 

-  IA  Requirements 

-  I A  Architectural  Design 

-  Computer  Network  Defense 

-  IA  Emerging  Technologies  Analysis 

-  Information  Warfare 
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-Hacking 

-Information  Security 
-Wireless  Security 
-Information  Operations 
-Security  Tools 
-Cybercrime 
-Malicious  Code 
-Standards  and  Guidance 
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IATAC  Contract 


PEO/PMs  need  a  contract  that  is  flexible 

The  IATAC  contract  was  competitively 
awarded 

-  This  is  not  a  sole  source  contract 

Competitive  win  allows  for  targeted  Technical 
Area  Tasks  that  brings  the  focused  R&D  skills 
to  PEO/PM  programs 

TATs  can  have  up  to  3-year  Periods  of 
Performance  (POPs) 

-  Reduces  frequency  of  contractual  actions 
saving  time  and  resources 

-  Facilitates  a  more  measured  approach  to  the 
work  performed 

Subscription  Accounts  are  available 

-  Short  duration,  smaller  funding  level,  specific 
focus 


Sample  work  performed  under  a  TAT: 

IATAC  performed  research  and  analysis 
for  the  development  of  IA  architectures 
for  the  Air  Force’s  KC-10  aerial  refueling 
aircraft  onboard  voice  and  data 
communication  systems  and  navigation 
interfaces 

-  First  time  IA  architectures  had 
been  developed  for  the  KC-10 


Contract  is  R&D  deliverables  (STI)  based 


-  Allows  for  information  sharing 
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IATAC  Contract 


•  Incremental  funding  allowed  ...  does  not 
have  to  be  fully  funded  upfront 

-  Flexibility  in  funding  in  a  resource 
constrained  environment 

-  TATs  are  executed  as  cost  and  schedule 
permits 

•  Can  have  funding  across  fiscal  years 
(situational) 


IATAC  provided  IA  analysis  for  2 
prototype  TSw/Network  Management 
Systems  (eNMS  Increment  I  to 
Norfolk/Honolulu).  IATAC  successfully 
met  cost,  schedule,  performance 
objectives  for  the  USN  Shore 
Modernization  Strategy. 
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I ATAC  . . . 
a  partnership  for  IA 


•  What  can  IATAC  do  for  you? 

-  Enhance  your  performance 

•  Access  information 

•  Assist  with  meeting  policy 

•  Provide  in-depth  IA  analysis 

-  Keep  your  schedule 

-  Provide  cost-conscience  solutions 

•  What  can  you  do  for  IATAC  that  will  mutually 
benefit  all? 

-  Register  with  DTIC  and  become  an  authorized 
user 

-  Register  with  IATAC  and  become  a  SME 

-  Submit  your  information  for  inclusion  into 
TEMS  and  lATAC’s  holding 

-  Submit  technical  articles  for  publication  in  the 
lAnewsletter 

-  Become  knowledgeable  of  lATAC’s  products 

and  services  and  use  them  Information  for  the  Defense  Community  (  B  j 


Visit  us  on  the  V\feb: 

http://iac.dtic.mil/iatac 

Email  us:  iatac@dtic.mil 

Call  our  inquiry  line:  703/984-0775 

Gene  Tyler 
IATAC  Director 
703/984-0744 

tyler  qene@3ah.com 

A  Arnold 

IATAC  Deputy  Director 
703/984-3736 

arnold  al@3ah.com 

Dot  Filbert 

IATAC  Senior  Deliverables  Manager 
703/984-2822 

filbert  dorothy@3ah.com 


